{{$store.state.data.search.serverData.config.placeholder}}

{{ vm.heading }}

{{ vm.closeTabLabel }}

Hi
!

Since the last time you logged in our privacy statement has been updated.

Hi
!

Since the last time you logged in our privacy statement has been updated.

We want to ensure that you are kept up to date with any changes and as such would ask that you take a moment to review the changes.You will not continue to receive KPMG subscriptions until you accept the changes.

Please create my KPMG Preference Centre account. I acknowledge and agree to KPMG in the UK's Terms and Conditions.

By registering for an account we will use your selections to personalise your website experience. The subscription centre is an optional feature to subscribe to our email communications.

We may present you with recommendations to our products and services we believe you would like based on the information you provide us and the selections you make in the preference centre, unless you tell us not to here.

Hi!

Conduct risk: delivering an effective framework

Conduct risk: delivering an effective framework

Every company faces a unique set a conduct risks based on their industry and size. Building an effective framework for managing that risk can be a Herculean task. We have identified six core areas to simplify the process.

Highlights

Also on KPMG.com

Since the Financial Conduct Authority (FCA) took over the supervision of consumer protection in 2013, conduct risk has risen to the top of executive agendas.

Conduct risk is broadly defined as any action of a financial institution or individual that leads to customer detriment, or has an adverse effect on market stability or effective competition. The FCA has deliberately set out a very wide definition of ‘conduct risk’,leaving the onus on financial services firms to prove how they are protecting customers.

Businesses that fail to bring conduct risk in line face regulatory action, fines, and reputational damage, which can harm a business for years beyond the event. We have seen significant financial impact on firms due to conduct-related regulatory action—and it can all stem from the actions of an individual. The latest report from the Fixed Income, Currencies and Commodities Markets Standards Board (FMSB) estimates banks have paid some $375 billion in conduct fines over the last five year.

Because there is a high public interest in conduct risk infringements, it is increasingly important to take a holistic view for an effective defence.

Identifying conduct risk

Most businesses stress the importance of senior executives playing a role in conduct risk, particularly in helping to raise the visibility of a programme. Firms with in-house initiatives are intrinsically better at identifying drivers of conduct risk, such as conflicts of interest.

Even with a conduct risk programme already in place, some firms still focus too much on crystalised risk, such as fines and losses, as opposed to developing forward looking risk indicators. Another core question to consider is: when does a product or behaviour move from being reasonable to unreasonable? We call this the tipping point analysis.

Drivers of conduct risk

Understanding and addressing the drivers of conduct risk is essential in improving standards of behaviour. While the starting point for this journey varies from firm to firm, there are three core areas at the root of conduct risk:

Inherent factors: These are characteristics intrinsic to financial markets and their participants, such as information asymmetries between firms and their clients or the financial capability of clients.

Structures and behaviours: The financial sector itself has entrenched behaviours and conflicts of interests that could prevent markets from working as well as they could.

Environmental factors: Macro-economic developments that have the potential to impact financial markets and in turn the long-term needs of consumers. Firms ineffectively responding to these pressures can lead to poor conduct outcomes.

While measuring conduct risk can be a challenge, it may be helpful to assess drivers through three lenses: specific business units; the overall firm; and the strategic medium to long term outlook.

Putting the framework together

Conduct risk programmes should be tailored to the needs of each firm based on size, business model, and geographic reach. The framework should take into account both short and long-term goals. The firms we have seen with the most successful programmes have regular board-level reviews that assess and challenge the programme. Scenario planning is a key consideration.

While there is no one-size-fits-all solution, we have identified six core areas for a successful conduct risk framework that can be seen in the diagram below. It covers governance, culture and behaviour, inherent and external risk assessment as well as key conduct controls and conduct management information.